Configuring URL Authorization Rules in IIS 7

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

You can grant or deny specific computers, groups of computers, or domains access to sites, applications, directories, or files on your server. For example, suppose your intranet server hosts content that is available to all employees, in addition to content that should be viewed only by members of specific groups, such as Finance or Human Resources. By configuring URL authorization rules, you can prevent employees who are not members of those specified groups from accessing restricted content.

For information about the levels at which you can perform these procedures, and the modules, handlers, and permissions that are required to perform these procedures, see URL Authorization Feature Requirements (IIS 7).


This task includes the following procedures:

View a List of URL Authorization Rules (IIS 7)

Create an Allow Rule for URL Authorization (IIS 7)

Create a Deny Rule for URL Authorization (IIS 7)

Edit a Local URL Authorization Rule (IIS 7)

Remove a Local URL Authorization Rule (IIS 7)